6 Replies Latest reply on Mar 16, 2017 5:37 AM by Luis Vazquez

    Openfire 4.1.3 SSO on Windows Server 2008 R2 with Spark 2.8.3

    Bertram

      Hello,

       

      i used the 28 Steps Guide to set up SSO with Openfire and Spark.

      It all seemed to go well but as i tried to activate SSO at the Spark Client i get SSO Errors from the Spark Client.

       

      I do not know what is causing the errors, as i am able to connect to the admin-console as the domain administrator.

      In Addition i can't see any blockings in the firewall, but maybe i miss something, because the manual for SSO just said: disable the firewall, which is not possible for me.

       

      I appreciate any help.

       

      Here is an error from the errors.log of spark:

       

      Mär 14, 2017 3:22:50 PM org.jivesoftware.spark.util.log.Log error

      SCHWERWIEGEND: connection error

      org.jivesoftware.smack.SmackException$ConnectionException: The following addresses failed: '_xmpp-client._tcp.domain.com:5222' failed because javax.naming.NameNotFoundException: DNS name not found [response code 3]; remaining name '_xmpp-client._tcp.domain.com', 'domain.com:5222' failed because java.net.ConnectException: Connection refused: connect

        at org.jivesoftware.smack.SmackException$ConnectionException.from(SmackException.j ava:255)

        at org.jivesoftware.smack.tcp.XMPPTCPConnection.connectUsingConfiguration(XMPPTCPC onnection.java:612)

        at org.jivesoftware.smack.tcp.XMPPTCPConnection.connectInternal(XMPPTCPConnection. java:850)

        at org.jivesoftware.smack.AbstractXMPPConnection.connect(AbstractXMPPConnection.ja va:364)

        at org.jivesoftware.LoginDialog$LoginPanel.lambda$login$1(LoginDialog.java:1099)

        at java.awt.event.InvocationEvent.dispatch(Unknown Source)

        at java.awt.EventQueue.dispatchEventImpl(Unknown Source)

        at java.awt.EventQueue.access$500(Unknown Source)

        at java.awt.EventQueue$3.run(Unknown Source)

        at java.awt.EventQueue$3.run(Unknown Source)

        at java.security.AccessController.doPrivileged(Native Method)

        at java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(U nknown Source)

        at java.awt.EventQueue.dispatchEvent(Unknown Source)

        at java.awt.EventDispatchThread.pumpOneEventForFilters(Unknown Source)

        at java.awt.EventDispatchThread.pumpEventsForFilter(Unknown Source)

        at java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)

        at java.awt.EventDispatchThread.pumpEvents(Unknown Source)

        at java.awt.EventDispatchThread.pumpEvents(Unknown Source)

        at java.awt.EventDispatchThread.run(Unknown Source)

       

      and this is the warn.log entry:

       

      Mär 14, 2017 3:22:50 PM org.jivesoftware.spark.util.log.Log warning

      WARNUNG: Exception in Login:

      org.jivesoftware.smack.SmackException$NotConnectedException: Client is not, or no longer, connected.

        at org.jivesoftware.smack.tcp.XMPPTCPConnection.throwNotConnectedExceptionIfApprop riate(XMPPTCPConnection.java:342)

        at org.jivesoftware.smack.AbstractXMPPConnection.login(AbstractXMPPConnection.java :452)

        at org.jivesoftware.LoginDialog$LoginPanel.login(LoginDialog.java:1131)

        at org.jivesoftware.LoginDialog$LoginPanel.access$900(LoginDialog.java:335)

        at org.jivesoftware.LoginDialog$LoginPanel$3.construct(LoginDialog.java:894)

        at org.jivesoftware.spark.util.SwingWorker.lambda$new$1(SwingWorker.java:138)

        at java.lang.Thread.run(Unknown Source)

        • Re: Openfire 4.1.3 SSO on Windows Server 2008 R2 with Spark 2.8.3
          Luis Vazquez

          What is the Client OS?

          Are they able to log in without SSO?

            • Re: Openfire 4.1.3 SSO on Windows Server 2008 R2 with Spark 2.8.3
              Bertram

              Hello Luis,

               

              at first thank you for answering.

               

              I'm using windows 8.1.

              Unfortunally the normal login fails too, which i never tested before. Sorry for that.

              Do you have any idea why i have this issue?

               

              i also tried the following client versions for SSO: 2.7.1; 2.7.7.; 2.90 nightly build from monday

              In addition i tried it on 3 machines.

               

              Kind Regards

              Bertram

                • Re: Openfire 4.1.3 SSO on Windows Server 2008 R2 with Spark 2.8.3
                  Luis Vazquez

                  Based on the error log it seems that the client cant find the server host name

                   

                  I would try pinging the server from the client computer to see if they even see each other.

                   

                  These are issues we found while setting up Open fire and spark with SSO.

                       1. Make sure that all of the ports displayed in the page after logging in to the Admin console are able to go through the firewall.

                       2. Make sure that the scripts have double "quotations" as copying from the PDF will cause a single quotation in one of the scripts (took us 2 days to find that one)

                       3. We found out that the client has to run in admin mode in order for SSO to work correctly (specially if you are getting a red message saying that it cant find the principal)

                       4. If you are using an AD LDAP server to configure the database, SSO using the KRB5 config file isn't necessary. We ended up using the DNS option in the SSO settings.

                       5. The install Location of the OpenFire aplication (if using a virtual machine), We ended up installing it on a separate partition rather than the OS partition.

                  1 of 1 people found this helpful